Erick Reyes, ANZ Director, Data Security, Thales, says prioritising organisation-wide security principles can help best practices spread and take root.
One of the biggest challenges facing organisations’ cybersecurity strategies is how to successfully defend against today’s threats, while effectively preparing for tomorrow’s attacks.
In a world where relentless cyberattacks and data breaches continue to cause chaos, technological advancements, such as artificial intelligence (AI) and quantum computing are evolving fast – so too are their associated threats.
The impact of significant data breaches and cyber incidents has spread far beyond the realm of IT security experts and is now on every business leader and consumer’s mind. Yet many organisations find it difficult to know where to make strategic investments, what to prioritise and how to generate the most impact – both now and in the future.
Today’s top threat actors and fastest growing cyber threats
The growth and success of a business today relies as much on good data security as on protecting its cash flow – especially as the threat landscape shows no signs of slowing down.
According to our recent Data Threat Report 2024, 96% of Australian IT professionals believe security threats are increasing in volume or severity, a significant rise from 45% last year and a trend reflected across the globe. Defending against these threats – particularly where sensitive data is involved – remains an absolute security priority.
To build impactful security programs and allocate resources in an effective manner, security leaders and key business stakeholders need to understand who is responsible for putting organisations at risk, and the preferred methods they are using. Three of the most prolific threat actors today include:
- Hacktivists – individualsusing hacking methodologies, such as DDoS attacks, as a form of activism often motivated by political, social or ethical reasons.
- Nation-state actors – cybercriminal activity supported by a nationoften targets critical industries, to disrupt vital services or gain access to valuable data.
- Human error – often employees, partners or customers who have access to an enterprise’s system are the source of security weaknesses. Fueled by mistakes – rather than malicious intent – humans can open the door to threat actors resulting in catastrophic outcomes.
Phishing, malware and ransomware stand out at the fastest-growing threats of 2024. Six in ten Australian enterprises witnessed an increase in phishing attacks in the last 12 months, versus 39% in 2023, closely followed by ransomware (50%) and malware (33%).
Growth of GenAI signals a boom in emerging threats
Emerging technologies, such as Generative AI (GenAI) and quantum computing pose a serious shakeup to the current threat landscape.
Organisations intent on realizing the benefits of AI technologies as soon as possible are already weaving them into their operations at speed. The concern is that companies don’t yet fully understand the security vulnerabilities and risks they bring with them.
What’s more, cybercriminals are investing in AI to attack AI, creating a more powerful generation of cyberattack weaponry than we have witnessed before. The advancement of GenAI is one of the main reasons automated traffic, particularly bad bots, has increased over the past year. Often it is the technology of choice for cybercriminals looking to evade security controls and identify vulnerabilities at scale.
Preparing for the post-quantum world, now
While we haven’t fully entered the quantum era yet, technology is progressing rapidly and it won’t be long before a quantum cyberattack becomes a real possibility. Armed with quantum power that will break traditional encryption algorithms, cybercriminals will be able to analyse massive amounts of data, crippling large networks in a matter of minutes.
Almost a quarter of Australian organisations consider Post Quantum Cryptography (PQC) as the greatest concern to their security program, with Harvest-Now-Decrypt-Later (HNDL) attacks driving the most immediate worries. Such attacks enable criminals to collect encrypted data today with the intention of decrypting it in the future when the capabilities become available.
Three principles for more effective cybersecurity outcomes
As enterprises grow, their design and adoption of technological advancements will follow suit. Taking into consideration current security initiatives and emerging technologies, enterprises and security leaders could benefit from implementing the following, centrally defined security principles:
- Continuously evaluate exposure to effectively align targets and spending
Greatercybersecurity outcomes don’t necessarily require additional budget. In fact, businesses can reduce their expenditure by identifying critical areas to focus their investment on. It’s vital to treat this evaluation as an embedded and continuous process, as one-off audits will quickly become outdated.
Assessing risk exposure can also determine an organisation’s readiness for emerging threats, such as PQC. While it might seem premature, organisations take a couple of years to implement change throughout their infrastructure.
- Transition from reactive to proactive defenses
Security program transformation is characterized by proactive defenses that enable operators, developers and other users to adopt new technologies easily and safely.
By building stronger alliances across departments, organisations can reduce brittleness between security and development initiatives, resulting in a more dynamic, risk-based approach to security that proactively builds-in best practices.
This is particularly important when it comes to fighting the threats driven by emerging technologies. For example, organisations can begin preparing for a PQC world by implementing the first ever set of PQC algorithms released by the National Institute of Standards and Technology (NIST), which have been designed to withstand the attack of a quantum computer.
- Seek out stakeholder buy-in, and make it easy for them to get onboard
Shared goals and outcomes begin with aligned activities. For security leaders, this means understanding and communicating the positive business impact that proactive security has on developers, auditors, users, lines of business and customers.
In practice this might mean enabling different stakeholders to secure themselves, developers selecting simpler ways to onboard and authenticate customers, or embedding security champions programs that provide clear, concrete, and repeatable security guidance.
Prioritising organisation-wide security principles can help best practices spread and take root, leading to growing trust, resilience, readiness and the most robust line of cyber defense, both now and in the future.
